SAP Knowledge Base Article - Preview

1880791 - java.lang.SecurityException:The provider IAIK may not be signed by a trusted party: AS Java fails to start

Symptom

  • The AS Java fails to start
  • The std_dispatcher.out (640-7.0x only), std_server<n>.out files from the instance work directory /usr/sap/<SID>/<InstanceID>/work show that the ConfigurationManager did not start:

Loading: LogManager ... 343 ms.
Loading: PoolManager ... 0 ms.
Loading: ApplicationThreadManager ... 62 ms.
Loading: ThreadManager ... 16 ms.
Loading: IpVerificationManager ... 15 ms.
Loading: ClassLoaderManager ... 0 ms.
Loading: ClusterManager ... 141 ms.
Loading: LockingManager ... 47 ms.
Loading: ConfigurationManager ...
Loading: ConfigurationManager returned false!
Kernel not loaded. System halted.

  • The dispatcher (640-7.0x only) and server defaultTrace files contain the following exceptions:

Error while connecting to DB.
=======================================================
com.sap.engine.frame.core.configuration.ConfigurationException: Error while connecting to DB.
 at com.sap.engine.core.configuration.impl.persistence.rdbms.DBConnectionPool.<init>(DBConnectionPool.java:119)
 at com.sap.engine.core.configuration.impl.persistence.rdbms.PersistenceHandler.<init>(PersistenceHandler.java:38)
  |
  | 
 at com.sap.engine.core.configuration.impl.persistence.rdbms.DBConnectionPool.<init>(DBConnectionPool.java:116)
 ... 14 more
Caused by: com.sap.security.core.server.secstorefs.NoEncryptionException: Encryption or decryption is not possible because the full version of the SAP Java Crypto Toolkit was not found (iaik_jce.jar is required, iaik_jce_export.jar is not sufficient) or the JCE Jurisdiction Policy Files don't allow the use of the "PbeWithSHAAnd3_KeyTripleDES_CBC" algorithm.
 at com.sap.security.core.server.secstorefs.SecStoreFS.openExistingStore(SecStoreFS.java:1975)
 at com.sap.sql.connect.OpenSQLConnectInfo.getStore(OpenSQLConnectInfo.java:802)
 at com.sap.sql.connect.OpenSQLConnectInfo.lookup(OpenSQLConnectInfo.java:783)
 at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:209)
 ... 16 more
Caused by: java.lang.SecurityException: The provider IAIK may not be signed by a trusted party
 at javax.crypto.SunJCE_b.a(DashoA12275)
 at javax.crypto.Cipher.a(DashoA12275)
 at javax.crypto.Cipher.getInstance(DashoA12275)
 at com.sap.security.core.server.secstorefs.Crypt.<init>(Crypt.java:220)
 at com.sap.security.core.server.secstorefs.SecStoreFS.<init>(SecStoreFS.java:1346)
 at com.sap.sql.connect.OpenSQLConnectInfo.getStore(OpenSQLConnectInfo.java:798)
 ... 18 moreLoading: ConfigurationManager returned false!

Kernel not loaded. System halted.


Read more...

Environment

SAP NETWEAVER RELEASE INDEPENDENT

Product

SAP Composition Environment all versions ; SAP NetWeaver all versions

Keywords

applicatiion java.lang.SecurityException IAIK signed trusted party configuration manager , KBA , BC-JAS-SEC-CPG , Cryptography , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.